package cn.com.easy.permission.web.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.BeanUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.servlet.mvc.support.RedirectAttributes;

import cn.com.easy.permission.dao.UserDao;
import cn.com.easy.permission.model.UserModel;
import cn.com.easy.permission.service.system.urlreserve.anotion.UrlReserveAnotion;
import cn.com.easy.utils.RequestUtils;
import cn.com.easy.utils.SecurityUtils;

/**
 * 密码修改控制器
 * 
 * @author nibili 2015年12月13日上午12:23:04
 * 
 */
@Controller
@RequestMapping("/manage/system/password")
public class SystemPasswordController {

	private Logger logger = LoggerFactory.getLogger(SystemPasswordController.class);

	/**
	 * 用户信息dao
	 */
	@Autowired
	private UserDao userDao;

	/**
	 * 重置密码页
	 * 
	 * @return
	 */
	@UrlReserveAnotion("重置密码页")
	@RequestMapping(value = "/reset", method = RequestMethod.GET)
	public String resetPwd(HttpServletRequest request, RedirectAttributes redirectAttributes) throws Exception {
		if (StringUtils.isNotBlank(request.getParameter("first")) == true) {
			request.setAttribute("msgFirstLogin", "初次登录，请重置密码");
		}
		return "/system/system_password_reset/system_password_reset";
	}

	/**
	 * 处理重置密码请求
	 * 
	 * @return
	 */
	@UrlReserveAnotion("重置密码请求")
	@RequestMapping(value = "/reset/post", method = RequestMethod.POST)
	public String doResetPwd(HttpServletRequest request, HttpServletResponse response, RedirectAttributes redirectAttributes) throws Exception {
		//
		String referer = request.getHeader("Referer");
		// 返回客户端信息
		String message = "重置密码成功";
		try {
			// 用户信息
			UserModel user = (UserModel) request.getSession().getAttribute(RequestUtils.USER_TAG);
			if (user != null) {
				// 旧密码
				String passwd = request.getParameter("password");
				// 新密码
				String newPasswd = request.getParameter("newPassword");
				if (StringUtils.isBlank(passwd) == true || StringUtils.isBlank(newPasswd) == true) {
					message = "密码不能为空!";
				} else {
					UserModel userModel = userDao.findByLoginnameAndPassword(user.getLoginname(), SecurityUtils.SHA256Normal(SecurityUtils.SHA256Normal(passwd)));
					if (userModel != null) {
						// 旧密码正确
						newPasswd = SecurityUtils.SHA256Normal(SecurityUtils.SHA256Normal(newPasswd));
						if (userModel.getPassword().equals(newPasswd) == true) {
							message = "新密码与原密码不能一致!";
						} else {
							userModel.setPassword(newPasswd);
							// 保存密码
							userModel = userDao.save(userModel);
							UserModel userModelTemp = new UserModel();
							BeanUtils.copyProperties(userModel, userModelTemp);
							RequestUtils.setCurrentUser(request, userModelTemp);
							logger.info("用户重置密码:" + ((UserModel) RequestUtils.getCurrentUser(request)).getId());
						}
					} else {
						// 旧密码不正确
						message = "原密码不正确!请重新输入!";
					}
				}

			} else {
				message = "未登录!";
			}
		} catch (Exception ex) {
			logger.error("修改密码异常：" + ex.getMessage(), ex);
			message = "修改密码异常：" + ex.getMessage();
		}
		redirectAttributes.addAttribute("msg", message);
		// 判断是否是第一次强制修改密码
		if (referer.indexOf("?first") != -1 && "重置密码成功".equals(message) == true) {
			// 是第一次强制修改密码，跳到用户首页
			return "redirect:/manage/index";
		} else {
			return "redirect:" + referer.replaceAll("msg.*", "");
		}
	}
}
